Skip to content

Commit 3ddcec5

Browse files
Validate that the verify function checks the signature length
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
1 parent 53e5d76 commit 3ddcec5

1 file changed

Lines changed: 34 additions & 4 deletions

File tree

tests/suites/test_suite_pqcp_mldsa.function

Lines changed: 34 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -139,23 +139,53 @@ exit:
139139
/* BEGIN_CASE depends_on:TF_PSA_CRYPTO_PQCP_MLDSA_87_ENABLED */
140140
void verify_pure_87(data_t *public_key, data_t *message, data_t *signature)
141141
{
142+
size_t candidate_size = signature->len;
143+
uint8_t *candidate = NULL;
144+
142145
/* Sanity checks on the test data that we pass to the function under test */
143146
TEST_EQUAL(public_key->len, MLDSA_PUBLICKEYBYTES(87));
144147
TEST_EQUAL(signature->len, MLDSA_BYTES(87));
145148

146149
/* Verify the signature */
147-
TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(signature->x, signature->len,
150+
TEST_CALLOC(candidate, candidate_size);
151+
memcpy(candidate, signature->x, signature->len);
152+
TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(candidate, candidate_size,
148153
message->x, message->len,
149154
NULL, 0,
150155
public_key->x), 0);
151156

152157
/* Verify that a one-bit-off signature is wrong */
153-
signature->x[signature->len - 1] ^= 1;
154-
TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(signature->x, signature->len,
158+
candidate[candidate_size - 1] ^= 1;
159+
TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(candidate, candidate_size,
160+
message->x, message->len,
161+
NULL, 0,
162+
public_key->x), MLD_ERR_FAIL);
163+
mbedtls_free(candidate);
164+
candidate = NULL;
165+
166+
/* Verify that a shorter signature is rejected */
167+
candidate_size = signature->len - 1;
168+
TEST_CALLOC(candidate, candidate_size);
169+
memcpy(candidate, signature->x, signature->len - 1);
170+
TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(candidate, candidate_size,
155171
message->x, message->len,
156172
NULL, 0,
157173
public_key->x), MLD_ERR_FAIL);
158-
signature->x[signature->len - 1] ^= 1;
174+
mbedtls_free(candidate);
175+
candidate = NULL;
176+
177+
/* Verify that a longer signature is rejected */
178+
candidate_size = signature->len + 1;
179+
TEST_CALLOC(candidate, candidate_size);
180+
memcpy(candidate, signature->x, signature->len);
181+
TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(candidate, candidate_size,
182+
message->x, message->len,
183+
NULL, 0,
184+
public_key->x), MLD_ERR_FAIL);
185+
mbedtls_free(candidate);
186+
candidate = NULL;
159187

188+
exit:
189+
mbedtls_free(candidate);
160190
}
161191
/* END_CASE */

0 commit comments

Comments
 (0)